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IMAP4 Extension for Returning MYRIGHTS Information in Extended LIST 


Abstract 


This document defines an extension to the Internet Message Access 

Protocol (IMAP) LIST command that allows the client to request the 

set of rights that the logged-in user has been granted on mailboxes, 

along with other information typically returned by the LIST command. 
Status of This Memo 


This is an Internet Standards Track document. 


This document is a product of the Internet Engineering Task Force 


(IETF). It represents the consensus of the IETF community. It has 
received public review and has been approved for publication by the 
Internet Engineering Steering Group (IESG). Further information on 


Internet Standards is available in Section 2 of RFC 7841. 


Information about the current status of this document, any errata, 
and how to provide feedback on it may be obtained at 
https://www.rfc-editor.org/info/rfc8440. 
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1. Introduction 


IMAP [RFC3501] clients typically fetch the set of rights granted on 
mailboxes so they can expose the allowed functionality to the logged- 
in user. In order to do that, the client is forced to issue a LIST 
or LSUB command to list all available mailboxes, followed by a 
MYRIGHTS command for each mailbox found. This document defines an 
extension to the to IMAP LIST command that is identified by the 
capability string "LIST-MYRIGHTS". The LIST-MYRIGHTS extension 
allows the client to request the set of rights that the logged-in 
user has been granted on mailboxes, along with other information 
typically returned by the LIST command. 


2. Conventions Used in This Document 
In examples, "C:" indicates lines sent by a client that is connected 
to a server. "S:" indicates lines sent by the server to the client. 


The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", “SHALL NOT", 
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 
"OPTIONAL" in this document are to be interpreted as described in 
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all 
capitals, as shown here. 


3.  MYRIGHTS Return Option to LIST Command 


[RFC4314] defines the MYRIGHTS command, which is used by an IMAP 
client to determine the set of rights that the logged-in user has 
been granted on a given mailbox. Frequently, a client will have to 
look up the rights for some or all of the mailboxes returned by the 
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LIST command. Doing so in multiple MYRIGHTS commands wastes 
bandwidth and can degrade performance if the client does not pipeline 
the requests. 


This document extends the LIST command with a new "MYRIGHTS" return 
option [RFC5258] that allows the client to request all of the desired 
information in a single command. For each listable mailbox matching 
the list pattern and selection options, the server MUST return an 
untagged LIST response and SHOULD also return an untagged MYRIGHTS 
response containing the set of rights granted to the logged-in user. 
The ordering of the responses is significant only in that the server 
MUST NOT send a MYRIGHTS response for a given mailbox before it sends 
the LIST response for that mailbox. 


If the server is unable to look up the set of rights for a given 
mailbox, it does not send the MYRIGHTS reply for that mailbox. 


Client authors ought to note that generating the MYRIGHTS responses 
for a large number of mailboxes may be an expensive operation for the 
server. Clients SHOULD use a suitable match pattern and/or selection 
option to limit the set of mailboxes returned to only those in whose 
rights they are interested. 


Examples 


In this example, the "bar" mailbox doesn’t exist, so it has no 
MYRIGHTS reply. 


C: A01 LIST "" % RETURN (MYRIGHTS) 
Sih *® LEST: cep st MENBOX" 

S: * MYRIGHTS "INBOX" lrswipkxtecda 
Site GIST. (J2 TmT EE OO" 

S: * MYRIGHTS "foo" lrs 

S: * LIST (\NonExistent) "." "bar" 
S: A01 OK List completed. 


In this example, the LIST reply for the "foo" mailbox is returned 
because it has matching children, but no MYRIGHTS reply is returned, 
because "foo" itself doesn’t match the selection criteria. 


C: A02 LIST (SUBSCRIBED RECURSIVEMATCH) "" % RETURN (MYRIGHTS) 
S: * LIST (\Subscribed) "." "INBOX" 

S: * MYRIGHTS "INBOX" lrswipkxtecda 

S: * LIST () "." "foo" (CHILDINFO ("SUBSCRIBED") ) 

S: A02 OK List completed. 
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3% 


Formal Syntax 


The following syntax specification uses the augmented Backus-Naur 
Form (BNF) as described in [RFC5234]. Terms not defined here are 
taken from [RFC5258]. 


return-option =/ "MYRIGHTS" 
Security Considerations 


In addition to the security considerations described in [RFC4314], 
this extension makes it a bit easier for clients to overload the 
server by requesting MYRIGHTS information for a large number of 
mailboxes. However, as noted in the introduction, existing clients 
already try to do that by generating a large number of MYRIGHTS 
commands for each mailbox in which they are interested. While 
performing MYRIGHTS information retrieval for big lists of mailboxes, 
a server implementation needs to make sure that it can still serve 
other IMAP connections and yield execution to other connections, when 
necessary. 


Privacy Considerations 


This specification does not introduce any additional privacy concerns 
beyond those described in [RFC4314]. 


IANA Considerations 


.1. Registration of IMAP Capability LIST-MYRIGHTS 


This document defines the "LIST-MYRIGHTS" IMAP capability that has 
been added to the "IMAP Capabilities" registry [CAPABILITIES]. 


-2. Registration of LIST-EXTENDED Option MYRIGHTS 


This section registers the "MYRIGHTS" option that has been added to 
the "LIST-EXTENDED options" registry [EXTENDED]. 


LIST-EXTENDED option name: MYRIGHTS 
LIST-EXTENDED option type: RETURN 


LIST-EXTENDED option description: Causes the LIST command to return 
MYRIGHTS responses in addition to LIST responses. 


Published specification: RFC 8440, Section 3 


Security considerations: RFC 8440, Section 6 
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Intended usage: COMMON 


Person and email address to contact for further information: 
Kenneth Murchison <murch@fastmailteam. com> 


Owner/Change controller: IESG <iesg@ietf.org> 
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